Jump to content

We've got company!

XTreme

By XTreme
in GENERAL CHAT

 Share

Recommended Posts

XTreme

XTreme

Posted
Posted

I've noticed over the past few days that we've had a lot more IP addresses visiting the site than normal. And I mean hundreds more showing in "Who's Online".

After I did some traces it appears they all come from your-server.de. This is the standard default reverse-DNS entry for servers rented from Hetzner, so that domain name isn't anything to do with the scraping.

Basically, It's the person renting that server that we need to identify. There's just too many IP's to blacklist and they're across too many different IP ranges to pin them down.

And even if I blocked them (which would be a long job) they'd probably just switch to different IP's. I can't block all hetzner servers either cos I'd be blocking legitimate traffic as well.

The numbers at present don't cause any problem other than wasting our bandwidth, but it's something that I'll need to monitor because I don't want it escalating into something like a DDoS attack.

If you didn't understand any of that, let me summarise:

Somebody has an unusual interest in this site. And when this sort of thing happens their intentions are never good.

@Tym.......time to Lock'n'Load!

  • Sad 1
Link to comment
Share on other sites
Buckster

Buckster

Posted
Posted

IP can be spoofed anyway, you can block ping backs and even partition ip blocks if you choose, this would mitigate a ddos attack.

Link to comment
Share on other sites
XTreme

XTreme

Posted
  • Author
Posted
Just now, Buckster said:

IP can be spoofed anyway, you can block ping backs and even partition ip blocks if you choose, this would mitigate a ddos attack.

Definitely all Hetzner.......their cheap and nasty services attract a certain kind of user.

If they were specific blocks it would be easy enough......but they're not.

I have processes in place to mitigate if it becomes a problem but we're a long way from that.

Link to comment
Share on other sites
skyrider

skyrider

Posted
Posted
11 hours ago, XTreme said:

I've noticed over the past few days that we've had a lot more IP addresses visiting the site than normal. And I mean hundreds more showing in "Who's Online".

After I did some traces it appears they all come from your-server.de. This is the standard default reverse-DNS entry for servers rented from Hetzner, so that domain name isn't anything to do with the scraping.

Basically, It's the person renting that server that we need to identify. There's just too many IP's to blacklist and they're across too many different IP ranges to pin them down.

And even if I blocked them (which would be a long job) they'd probably just switch to different IP's. I can't block all hetzner servers either cos I'd be blocking legitimate traffic as well.

The numbers at present don't cause any problem other than wasting our bandwidth, but it's something that I'll need to monitor because I don't want it escalating into something like a DDoS attack.

If you didn't understand any of that, let me summarise:

Somebody has an unusual interest in this site. And when this sort of thing happens their intentions are never good.

@Tym.......time to Lock'n'Load!

be on your guard people ?

Link to comment
Share on other sites
Six30

Six30

Posted
Posted

 @XTreme only just seen this , good work last thing we need is a DDoS attack, did you block with a  22 RRTG  rogue PP ?

  would recommend  doing a Sargnet 587 run on our system as well , just to be on the safe side ?

you need any help let me know.

  • Haha 1
Link to comment
Share on other sites
XTreme

XTreme

Posted
  • Author
Posted
4 minutes ago, Six30 said:

 @XTreme only just seen this , good work last thing we need is a DDoS attack, did you block with a  22 RRTG  rogue PP ?

  would recommend  doing a Sargnet 587 run on our system as well , just to be on the safe side ?

you need any help let me know.

I knew I could count on you to have my back Six!

I'll get on the Sargnet 587 straight away.....that'll sort these annoying cunts out! :littleguy:

  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

Privacy Policy

  I accept